Squire1039,
@Squire1039@lemm.ee avatar

VirusTotal doesn’t indicate keepassxc.exe 2.7.7 contacts this address. I’d be careful. Check the binaries’ signatures. Try a full install to see if that behaves differently.

keppassxc.exe: www.virustotal.com/gui/file/…/relations

KeePassXC-2.7.7-Win64.msi: virustotal.com/…/9c3dab957db0f769c4e67bfdf4f0134a…

Garrytianomorph,

Hash matches yours KeePassXC-2.7.7-Win64.msi virustotal.com/…/f-9c3dab957db0f769c4e67bfdf4f013…

Squire1039,
@Squire1039@lemm.ee avatar

140.82.121.5

Well, apparently, this is an A record for api.github.com. This name resolves to a different IP around the globe. See www.whatsmydns.net/#A/api.github.com

The IP is detected as “clean” on VirusTotal: www.virustotal.com/gui/ip-address/…/detection , although apparently (probably not surprising as it is github) is also a favorite address for everything including malware.

Maybe you can ask in the keepassxc discussion forum on github.

Gooey0210,

Maybe it’s trying to get favicons?

Turbo,

Did you get the app from trusted source? Did you check the md5 / sha512 hash after downloading to ensure no tamper?

That would freak me out also…

fizzyvelcro,

Checking the hash is only useful to confirm a correct download. If someone can change what binary you download, they can also change the hash and would be stupid not to…

Turbo,

Forsure, but if you still had the download and went to the sites official page today and could check if it matches to alleviate fear you downloaded a fake version etc.

TheAnonymouseJoker,
@TheAnonymouseJoker@lemmy.ml avatar

SHA-256 and stronger hashes have not been manipulated or cracked the way MD5 and CRC32 have been. Stop the FUD.

LWD, (edited )

Can you rewrite the question without the word “itself”? Because I am confused by it.

PS unlike Reddit, you can edit titles on posts

Edit: actually I wasn’t too clear myself: I didn’t know if you were referencing a Windows update or a KeePass update

UID_Zero,
@UID_Zero@infosec.pub avatar

Is that it’s update check?

itsnotits,

its* update check

Garrytianomorph,

it’s disabled

Matt,

There is a setting to automatically check for updates. I would see if that is enabled.

Garrytianomorph,

keepassxc is blocked by the firewall and updates are disabled, so calling the firewall confused me

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • InstantRegret
  • thenastyranch
  • mdbf
  • osvaldo12
  • tacticalgear
  • rosin
  • Durango
  • DreamBathrooms
  • magazineikmin
  • Youngstown
  • ngwrru68w68
  • slotface
  • cubers
  • kavyap
  • megavids
  • cisconetworking
  • ethstaker
  • normalnudes
  • GTA5RPClips
  • khanakhh
  • everett
  • tester
  • modclub
  • Leos
  • anitta
  • provamag3
  • JUstTest
  • lostlight
  • All magazines
    •